perf(gravatar): convert email to lowercase before hashing for gravatar

docs/docs/develop/api-old.md

@@ -43,7 +43,7 @@
 | `data.comment.id`              | Number   |   -    | 评论 ID                                |
 | `data.comment.content`         | String   |   -    | 评论正文                               |
 | `data.comment.nick`            | String   |   -    | 评论者昵称                             |
-| `data.comment.email_encrypted` | String   |   -    | 评论者邮箱 MD5 加密值                  |
+| `data.comment.email_encrypted` | String   |   -    | 评论者邮箱 SHA256 加密值                |
 | `data.comment.link`            | String   |   -    | 评论者链接                             |
 | `data.comment.ua`              | String   |   -    | 评论者 User-Agent                      |
 | `data.comment.date`            | String   |   -    | 评论时间，格式为 `1970-01-01 00:00:00` |

internal/dao/cook.go

@@ -1,6 +1,8 @@
 package dao
 
 import (
+	"strings"
+
 	"github.com/ArtalkJS/Artalk/internal/entity"
 	"github.com/ArtalkJS/Artalk/internal/utils"
 	"github.com/samber/lo"
@@ -38,7 +40,7 @@ func (dao *Dao) CookComment(c *entity.Comment) entity.CookedComment {
 		ContentMarked:  markedContent,
 		UserID:         c.UserID,
 		Nick:           user.Name,
-		EmailEncrypted: utils.GetSha256Hash(user.Email),
+		EmailEncrypted: utils.GetSha256Hash(strings.ToLower(user.Email)),
 		Link:           user.Link,
 		UA:             c.UA,
 		Date:           c.CreatedAt.Local().Format(CommonDateTimeFormat),
@@ -90,7 +92,7 @@ func (dao *Dao) CookCommentForEmail(c *entity.Comment) entity.CookedCommentForEm
 		Site:       dao.CookSite(&site),
 		CookedComment: entity.CookedComment{
 			ID:             c.ID,
-			EmailEncrypted: utils.GetSha256Hash(user.Email),
+			EmailEncrypted: utils.GetSha256Hash(strings.ToLower(user.Email)),
 			Link:           user.Link,
 			UA:             c.UA,
 			IsCollapsed:    c.IsCollapsed,

ui/artalk-sidebar/package.json

@@ -15,6 +15,7 @@
   },
   "dependencies": {
     "artalk": "workspace:^",
+    "crypto-js": "^4.2.0",
     "pinia": "^2.1.7",
     "vue": "^3.4.26",
     "vue-i18n": "^9.13.1",
@@ -24,6 +25,7 @@
   "devDependencies": {
     "@rushstack/eslint-patch": "^1.10.2",
     "@tsconfig/node18": "^18.2.4",
+    "@types/crypto-js": "^4.2.2",
     "@types/jsdom": "^21.1.6",
     "@vitejs/plugin-vue": "^5.0.4",
     "@vue/eslint-config-prettier": "^9.0.0",

ui/artalk-sidebar/src/components/Header.vue

@@ -1,6 +1,5 @@
 <script setup lang="ts">
-// @ts-ignore
-import MD5 from '../lib/md5'
+import sha256 from 'crypto-js/sha256'
 import { storeToRefs } from 'pinia'
 import { useUserStore } from '../stores/user'
 import { useNavStore } from '../stores/nav'
@@ -15,7 +14,7 @@ const { site: curtSite, isAdmin, email } = storeToRefs(user)
 const userAvatarImgURL = computed(() => {
   const conf = artalk?.ctx.conf?.gravatar
   if (!conf) return ``
-  return `${conf.mirror.replace(/\/$/, '')}/${MD5(email.value)}?${conf.params.replace(/^\?/, '')}`
+  return `${conf.mirror.replace(/\/$/, '')}/${sha256(email.value.toLowerCase())}?${conf.params.replace(/^\?/, '')}`
 })
 
 const avatarClickHandler = () => {

ui/artalk/src/comment/comment-node.ts

@@ -204,7 +204,7 @@ export default class CommentNode {
     return Utils.getGravatarURL({
       mirror: this.opts.gravatar.mirror,
       params: this.opts.gravatar.params,
-      emailMD5: this.data.email_encrypted,
+      emailHash: this.data.email_encrypted,
     })
   }
 

ui/artalk/src/lib/utils.ts

@@ -107,8 +107,8 @@ export function timeAgo(date: Date, $t: Function = (n: string) => n) {
   }
 }
 
-export function getGravatarURL(opts: { params: string; mirror: string; emailMD5: string }) {
-  return `${opts.mirror.replace(/\/$/, '')}/${opts.emailMD5}?${opts.params.replace(/^\?/, '')}`
+export function getGravatarURL(opts: { params: string; mirror: string; emailHash: string }) {
+  return `${opts.mirror.replace(/\/$/, '')}/${opts.emailHash}?${opts.params.replace(/^\?/, '')}`
 }
 
 export function sleep(ms: number) {